WP-Lister Lite for Amazon

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

Use placeholders and $wpdb->prepare(); found $sql

Unescaped parameter $lock_row_sql used in $wpdb->get_row($wpdb->prepare("\n\t\t\tSELECT *\n\t\t\tFROM $table\n\t\t\tWHERE id = %d\n\t\t\t$lock_row_sql\n\t\t", $id\n\t\t))\n$lock_row_sql assigned unsafely at line 140:\n $lock_row_sql = ''\n$item assigned unsafely at line 142:\n $item = $wpdb->get_row( $wpdb->prepare("\n\t\t\tSELECT *\n\t\t\tFROM $table\n\t\t\tWHERE id = %d\n\t\t\t$lock_row_sql\n\t\t", $id\n\t\t), OBJECT)\n$id used without escaping.

unlink() is discouraged. Use wp_delete_file() to delete a file.

Use placeholders and $wpdb->prepare(); found $sql

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$feed'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$feed'.

Use placeholders and $wpdb->prepare(); found $sql

unlink() is discouraged. Use wp_delete_file() to delete a file.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$content'.